JARVIS COMMAND LAYER STATUS v1

STATUS: BASELINE
OWNER: single-owner system
DEFAULT RULE: local first, remote later

PURPOSE

This file summarizes the current Jarvis command layer.

LOCAL IMPLEMENTED COMMANDS

1. STATUS
Script:
- /volume1/docker/jarvis/scripts/status.sh
Mode:
- read-only
- metadata only
Status:
- implemented and tested

2. HEALTH CHECK
Script:
- /volume1/docker/jarvis/scripts/health_check.sh
Mode:
- read-only
- metadata only
Status:
- implemented and tested
Latest result:
- GREEN

3. PUBLIC INDEX
Script:
- /volume1/docker/jarvis/scripts/public_index.sh
Mode:
- public read-only
Status:
- implemented and tested

4. NEXT TASK
Script:
- /volume1/docker/jarvis/scripts/next_task.sh
Mode:
- public read-only
Status:
- implemented and tested

5. BACKUP STATUS
Script:
- /volume1/docker/jarvis/scripts/backup_status.sh
Mode:
- backup metadata only
Status:
- implemented and tested

LOCAL ADMIN ONLY

1. BACKUP NOW
Script:
- /volume1/docker/jarvis/scripts/backup_postgres.sh
Mode:
- write action
Status:
- available locally and through DSM Task Scheduler
Remote activation:
- not approved

2. RESTORE TEST
Mode:
- manual temporary-container procedure
Status:
- completed once successfully
Remote activation:
- not approved

FORBIDDEN REMOTE COMMANDS

The following remain forbidden by default:
- SHOW ENV
- SHOW SECRETS
- DUMP DATABASE
- RESTORE PRODUCTION DB
- RUN SHELL
- DELETE FILES
- DELETE CONTAINERS
- DELETE VOLUMES
- CREATE PUBLIC WEBHOOK
- SEND PRIVATE DATA TO EXTERNAL AI

REMOTE COMMAND INTERFACE

Status:
- not active

Decision:
- owner-authenticated n8n UI first
- no public webhooks yet
- no unauthenticated endpoints
- no free-text command execution

NEXT RECOMMENDED STEP

Create an owner-only command menu design before exposing any command through UI or n8n.


CLOD / CLAUDE COMMAND LAYER STATUS v0.1

Status:
- registered as future model-router module
- not implemented yet
- not tested yet
- not confirmed by ED yet

Command layer decision:
- Claude / CLOD is not part of active command execution
- no executable Claude commands are registered
- no Claude public endpoint is registered
- no remote activation through Claude is approved
- no dashboard execution through Claude is approved
- no free-text execution through Claude is approved

Allowed future role:
- review_only
- draft_only
- classification
- client_reply_draft
- code_review
- architecture_review
- prompt_review
- lead_analysis

Forbidden:
- execute_command
- edit_file_directly
- publish_public_file
- restart_container
- read_secret
- send_message_without_approval
- modify_production_workflow
- send_private_data_to_external_ai

Security rule:
- Claude must not receive secrets, .env files, API keys, tokens, passwords, private headers or private database dumps
- Claude must not modify old n8n
- Claude must not create public webhooks
- Claude must not publish public handoff files automatically
- risky Claude output requires ED approval before any action

Required future path:
- server-side model-router
- sanitizer
- risk classifier
- approval gate
- audit log

END CLOD / CLAUDE COMMAND LAYER STATUS v0.1
END